Re: [Full-disclosure] imageshack - pwned for anti-sec.
As annoying as full disclosure can be to some of us who manage multiple sites for a wide range of customers using packages such as phpbb, wordpress, etc. (and subsequently fall victim to mass attacks), I do believe that the only way to assure that we write secure code and use secure practices is to have complete and responsible full disclosure. History is the best way to make a more secure future.

Philippe Ouellet
Sent from my iPhone

On 2009-07-10, at 10:15 PM, rxxayyw...@hush.ai wrote:

> [ASCII art banner]
>
> Proudly presents...
>
> [ASCII art banner]
>
> Anti-sec. We're a movement dedicated to the eradication of full-disclosure. We wanted to give everyone an image of what we're all about.
>
> Full-disclosure is the disclosure of exploits publicly - anywhere. The security industry uses full-disclosure to profit and develop scare-tactics to convince people into buying their firewalls, anti-virus software, and auditing services. Meanwhile, script kiddies copy and paste these exploits and compile them, ready to strike any and all vulnerable servers they can get a hold of. If whitehats were truly about security this stuff would not be published, not even exploits with silly edits to make them slightly unusable. As an added bonus, if publication wasn't enough, these exploits are mirrored and distributed widely across the Internet with a nice little advertisement embedded in them for the crew or website which first exposed the vulnerability to the public. It's about money.
>
> While the world is difficult to change, and money will certainly continue to be very important in the eyes of many, our battle is that of the removal of full-disclosure for the purpose of making it harder for the security industry to exploit its consequences. It is our goal that, through mayhem and the destruction of all exploitive and detrimental communities, companies, and individuals, full-disclosure will be abandoned and the security industry will be forced to reform.
>
> How do we plan to achieve this? Through the full and unrelenting, unmerciful elimination of all supporters of full-disclosure and the security industry in its present form. If you own a security blog, an exploit publication website or you distribute any exploits... you are a target and you will be rm'd. Only a matter of time. This isn't like before. This time everyone and everything is getting owned.
>
> Signed: The Anti-sec Movement
>
> No images were harmed in the making of this... image.
>
> anti-sec:~/pwn# perl img-scan.pl
> Found img1.imageshack.us - lighttpd/1.4.18 - SSH-1.99-OpenSSH_4.5
> [snip]
> Found img998.imageshack.us - lighttpd/1.4.18 - SSH-1.99-OpenSSH_4.5
> anti-sec:~/pwn# perl mass-pwn.pl
> Connecting...
> Linux worf.imageshack.us 2.6.15-1.2054_FC5 #1 SMP Tue Mar 14 15:48:20 EST 2006 x86_64 x86_64 x86_64 GNU/Linux
> Replacing images...
> img1 -- img998
> All images replaced: http://img998.imageshack.us/antisec.jpg
>
> If you think that we oppose your website, our advice is to pack it up and shut it down, because we're coming for you.
>
> - anti-sec.

___
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/
[Full-disclosure] 'Secure' Wyse thin clients vulnerable to remote exploit bugs
http://www.theregister.co.uk/2009/07/10/wyse_remote_exploit_bugs/

enjoy
-KF
[Full-disclosure] [SECURITY] [DSA 1829-1] New sork-passwd-h3 packages fix cross-site scripting
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

- ------------------------------------------------------------------------
Debian Security Advisory DSA-1829-1                   secur...@debian.org
http://www.debian.org/security/                            Steffen Joeris
July 11, 2009                          http://www.debian.org/security/faq
- ------------------------------------------------------------------------

Package        : sork-passwd-h3
Vulnerability  : insufficient input sanitising
Problem type   : remote
Debian-specific: no
CVE ID         : CVE-2009-2360
Debian Bug     : 536554

It was discovered that sork-passwd-h3, a Horde3 module for users to change their password, is prone to a cross-site scripting attack via the backend parameter.

For the oldstable distribution (etch), this problem has been fixed in version 3.0-2+etch1.

For the stable distribution (lenny), this problem has been fixed in version 3.0-2+lenny1.

For the testing distribution (squeeze), this problem will be fixed soon.

For the unstable distribution (sid), this problem has been fixed in version 3.1-1.1.

We recommend that you upgrade your sork-passwd-h3 packages.

Upgrade instructions
- --------------------

wget url
        will fetch the file for you
dpkg -i file.deb
        will install the referenced file.

If you are using the apt-get package manager, use the line for sources.list as given below:

apt-get update
        will update the internal database
apt-get upgrade
        will install corrected packages

You may use an automated update by adding the resources from the footer to the proper configuration.

Debian GNU/Linux 4.0 alias etch
- -------------------------------

Debian (oldstable)
- ------------------

Oldstable updates are available for alpha, amd64, arm, hppa, i386, ia64, mips, mipsel, powerpc, s390 and sparc.
Source archives:

  http://security.debian.org/pool/updates/main/s/sork-passwd-h3/sork-passwd-h3_3.0.orig.tar.gz
    Size/MD5 checksum:   966096 ca5612500c91c4ef3c838e8e94376332
  http://security.debian.org/pool/updates/main/s/sork-passwd-h3/sork-passwd-h3_3.0-2+etch1.dsc
    Size/MD5 checksum:      722 9c114c8b4abf6db6b91a94f4e0359f77
  http://security.debian.org/pool/updates/main/s/sork-passwd-h3/sork-passwd-h3_3.0-2+etch1.diff.gz
    Size/MD5 checksum:     8070 f8bdcfd6195df252914144f2a9e78869

Architecture independent packages:

  http://security.debian.org/pool/updates/main/s/sork-passwd-h3/sork-passwd-h3_3.0-2+etch1_all.deb
    Size/MD5 checksum:   936654 8827158aa7959c230edd2f264061309d

Debian GNU/Linux 5.0 alias lenny
- --------------------------------

Debian (stable)
- ---------------

Stable updates are available for alpha, amd64, arm, armel, hppa, i386, ia64, mips, mipsel, powerpc, s390 and sparc.

Source archives:

  http://security.debian.org/pool/updates/main/s/sork-passwd-h3/sork-passwd-h3_3.0-2+lenny1.dsc
    Size/MD5 checksum:     1134 21cddfb0875a3513716238b2482c8f48
  http://security.debian.org/pool/updates/main/s/sork-passwd-h3/sork-passwd-h3_3.0.orig.tar.gz
    Size/MD5 checksum:   966096 ca5612500c91c4ef3c838e8e94376332
  http://security.debian.org/pool/updates/main/s/sork-passwd-h3/sork-passwd-h3_3.0-2+lenny1.diff.gz
    Size/MD5 checksum:     8075 ac8d69e8612a96eeb18f3d68960dfaa2

Architecture independent packages:

  http://security.debian.org/pool/updates/main/s/sork-passwd-h3/sork-passwd-h3_3.0-2+lenny1_all.deb
    Size/MD5 checksum:   936656 b931e5db33decf642d8911f01b5656a1

These files will probably be moved into the stable distribution on its next update.
- ---------------------------------------------------------------------------------
For apt-get: deb http://security.debian.org/ stable/updates main
For dpkg-ftp: ftp://security.debian.org/debian-security dists/stable/updates/main
Mailing list: debian-security-annou...@lists.debian.org
Package info: `apt-cache show <pkg>' and http://packages.debian.org/<pkg>
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.9 (GNU/Linux)

iEYEARECAAYFAkpYPGIACgkQ62zWxYk/rQcNnQCgkfrojthpvgPbe0LqBvmh0y5A
8mgAn2+JAEoDspL4DLr3MO527dYAh5lN
=YZe4
-----END PGP SIGNATURE-----
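The manual wget/dpkg path in the upgrade instructions leaves one step implicit: the Size/MD5 lines are there so you can check the file before you hand it to dpkg. The following is an added example written for this page, not Debian tooling and not part of the advisory; the function names (verify_md5, fetch_verify_install) are my own, and it assumes md5sum or openssl is installed, plus wget and dpkg as the advisory itself uses.

```shell
#!/bin/sh
# Added example (not from the advisory): gate `dpkg -i` on the size and MD5
# that the advisory lists for the package. Function names are assumptions.

# Print the MD5 digest of a file using whichever tool is available.
md5_of() {
    if command -v md5sum >/dev/null 2>&1; then
        md5sum "$1" | awk '{print $1}'
    elif command -v openssl >/dev/null 2>&1; then
        openssl dgst -md5 "$1" | awk '{print $NF}'
    else
        echo "no md5 tool found" >&2
        return 2
    fi
}

# verify_md5 FILE EXPECTED_SIZE EXPECTED_MD5
# Returns 0 only when both the byte count and the digest match the values
# copied from the advisory's "Size/MD5 checksum" line.
verify_md5() {
    file=$1; want_size=$2; want_md5=$3
    [ -f "$file" ] || { echo "missing: $file" >&2; return 1; }
    got_size=$(wc -c < "$file" | tr -d ' ')
    got_md5=$(md5_of "$file") || return 2
    if [ "$got_size" != "$want_size" ]; then
        echo "size mismatch for $file: got $got_size, advisory says $want_size" >&2
        return 1
    fi
    if [ "$got_md5" != "$want_md5" ]; then
        echo "MD5 mismatch for $file: got $got_md5, advisory says $want_md5" >&2
        return 1
    fi
    echo "ok: $file matches advisory"
}

# fetch_verify_install URL SIZE MD5
# The advisory's wget / dpkg -i procedure with the checksum gate in between;
# a file that fails verification is deleted and never passed to dpkg.
fetch_verify_install() {
    url=$1; size=$2; md5=$3
    file=$(basename "$url")
    wget -q -O "$file" "$url" || return 1
    verify_md5 "$file" "$size" "$md5" || { rm -f "$file"; return 1; }
    dpkg -i "$file"
}

# Usage with the lenny package listed above (needs network access and root):
# fetch_verify_install \
#   http://security.debian.org/pool/updates/main/s/sork-passwd-h3/sork-passwd-h3_3.0-2+lenny1_all.deb \
#   936656 b931e5db33decf642d8911f01b5656a1
```

Two caveats a practitioner should keep in mind. MD5 is only an integrity check here; what makes those digests trustworthy is the PGP signature over the advisory, so verify the advisory itself (`gpg --verify`) against the Debian keyring before trusting the numbers you copy out of it. And once the files move into the stable distribution, as the advisory says they will, the sources.list line above is the route that keeps working, with apt checking the signed Release file for you.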
[Full-disclosure] AntiAntiSec / Endgame
Uh oh, Is that you Chris Silva? I'm doubtful all the rage is over some images. I can only imagine you're sad the 04/09/09 source is being dropped ;( I know, We all are. That is besides the huge lulz incurred on all of #compton and #antisec by posting the inane (and largely useless) comments in Retina for our amusement, I think the time has come to man up a bit on your part.

Oh, What's that? It's illegal in the state of California not to report break-ins that could endanger private data? Sometimes I guess people need a little motivation.

dark.nulldisclosure.net:539/retinaeeyelulz.tar.gz

Don't blame me though, That stuff has been making the rounds on undernet for quite some time. In the event it's not more pandering from eEye (Admittedly unlikely) (Inb4 Lawsuits on blackhat forums). That's even worse, Then it's just some internet toughguy trying to posture so he can save face.

Though I appreciate the sentiment here with Antisec, You know the "We're super big bad guys, the government doesn't care." I have a feeling I'm going to have to call your bluff. Wasn't this the exact same response to the ownage of BlueBoar back in the day? WE WILL HUNT YOU DOWN EL8, YOU WILL PAY, WE ARE GOVERNMENT BLAH BLAH BLAH. Please, Spare me the pleasantries. El8 and related groups shattered your worldview. And that was a short-lived and ultimately fairly tame voyage.

Also, Since when has romeo become the spokesperson for Antisec? That's like saying textfiles is the spokesperson for Anarchy and clandestine LSD production.

So, In short, Be well Dr. Antiantisec, Do good work, and be sure to keep Pidgin or NTP listening!
[Full-disclosure] List Charter
[Full-Disclosure] Mailing List Charter
John Cartwright jo...@grok.org.uk

- Introduction / Purpose -

This document serves as a charter for the [Full-Disclosure] mailing list hosted at lists.grok.org.uk. The list was created on 9th July 2002 by Len Rose, and is primarily concerned with security issues and their discussion. The list is administered by John Cartwright. The Full-Disclosure list is hosted and sponsored by Secunia.

- Subscription Information -

Subscription/unsubscription may be performed via the HTTP interface located at http://lists.grok.org.uk/mailman/listinfo/full-disclosure. Alternatively, commands may be emailed to full-disclosure-requ...@lists.grok.org.uk; send the word 'help' in either the message subject or body for details.

- Moderation / Management -

The [Full-Disclosure] list is unmoderated. Typically posting will be restricted to members only, however the administrators may choose to accept submissions from non-members based on individual merit and relevance. It is expected that the list will be largely self-policing, however in special circumstances (e.g. spamming, misappropriation) offending members may be removed from the list by the management. An archive of postings is available at http://lists.grok.org.uk/pipermail/full-disclosure/.

- Acceptable Content -

Any information pertaining to vulnerabilities is acceptable, for instance announcement and discussion thereof, exploit techniques and code, related tools and papers, and other useful information. Gratuitous advertisement, product placement, or self-promotion is forbidden. Disagreements, flames, arguments, and off-topic discussion should be taken off-list wherever possible. Humour is acceptable in moderation, providing it is inoffensive. Politics should be avoided at all costs. Members are reminded that due to the open nature of the list, they should use discretion in executing any tools or code distributed via this list.

- Posting Guidelines -

The primary language of this list is English. Members are expected to maintain a reasonable standard of netiquette when posting to the list. Quoting should not exceed that which is necessary to convey context; this is especially relevant to members subscribed to the digested version of the list. The use of HTML is discouraged, but not forbidden. Signatures will preferably be short and to the point, and those containing 'disclaimers' should be avoided where possible. Attachments may be included if relevant or necessary (e.g. PGP or S/MIME signatures, proof-of-concept code, etc.) but must not be active (in the case of a worm, for example) or malicious to the recipient. Vacation messages should be carefully configured to avoid replying to list postings. Offenders will be excluded from the mailing list until the problem is corrected. Members may post to the list by emailing full-disclos...@lists.grok.org.uk. Do not send subscription/unsubscription mails to this address; use the -request address mentioned above.

- Charter Additions/Changes -

The list charter will be published at http://lists.grok.org.uk/full-disclosure-charter.html. In addition, the charter will be posted monthly to the list by the management. Alterations will be made after consultation with list members and a consensus has been reached.
[Full-disclosure] Fwd: Re: SPEcial ediTON
Speak publicly or don't speak, faggot.

- Forwarded message from Ronny Lawson ronnylaw...@gmail.com -

Where is your IRC? I want you to prove to me that you can own me, or anything for that matter.

On Jul 10, 2009, at 8:18 PM, anti...@hushmail.com wrote:

> [ASCII art banner]
>
> We live and breathe for rm'ing whitehats. BUT, tonight is a special night. That's right... special, as in K-sPecial my bruvas. This friday night, not only will we sit alone, in our rooms (all of us together too! luls) and masturbate to unix console anime porn.. BUT, we will own ourselves. WHY?? We are the whitehats. PROOF?? Mhm...
>
> error: `BUSECCCKS.
> sh# echo buttholes
> buttholes
> sh# ok, now lets execute the FD 0day
> ok,: command not found
> sh# damn forgot to tell my lover er my console to echo
> damn: command not found
> sh# /home/pr0j3ct/SUCKDICK
> HLO OH THAT FEELS GOOD WE'RE SO ELEET M DONT STOP
> MISSION COMPLETE.
> sh#
>
> Yepp SANS, how's that for day? I BET YOU DIDN'T KNOW PR0JUNK MAYDAY WAS JUST A BUNCH OF SUPER LAME WANNABES, RIDING THE SCENE FOR THEIR OWN PLEASURES, RIGHT? WRITE ME A FUCKING DIARY ON THAT DONGS. YOU FUCKING PUSSIES. NOBODY CARES ABOUT YOU, NOT EVEN YOUR SISTERS THAT YOU DRESS LIKE. NOBODY BELIEVES IN YOU OR THE SCENE ANYMORE, LIKE NO ONE BELIEVES IN YOUR PATHETIC LIVES. TAKE A GOOD LOOK AROUND, TAKE A SHOWER AND LOOK IN THE MIRROR. YOU HAVE BBS. YOU HAVE PSYS. AND THOSE ARE THE ONLY ONES YOU'LL EVER TOUCH. MORONS. CLUELESS, FUCKING, MORONS. YOU THINK YOU CAN CHANGE ANYTHING? YOU ARE FAR STUPIDER THAN ANYONE GIVES YOU THE TIME OF DAY FOR YOU DUMBSHITZ. WE WILL OWN YOU. WE WILL FUCK YOU. WE WILL SHIT ON YOUR FACES AND MAKE YOUR BOYFRIENDS EAT THE CURB. FUCK WITH US YOU COCK SUCKING, FAT, SLOPPY CODING FUCKS AND YOU WILL NEVER HAVE PRIDE AGAIN.
>
> ride them boys.
[Full-disclosure] anti-sec is GAY
[ASCII art banner]

Is

[ASCII art]

That is right. They really don't even own anybody. They outsource their hacks to real hackers that were trained by wolverinez and other intellectual creatures. Savor the flavor, because real soon, they will all enjoy what their faggot friend UT got: fucked up for being such a bitch. Proof you all are gonna get what is cumin to you (I bet you loved the way I speeeld that)? Just read your shitty pwnage logs, you dumb fucks tell on yourself all the mother fucking time.

Here is PR0JUNK MAYDAY's new homeless sign:

[ASCII art]

That one is sure to impress all the fedz at DEFCON! Everybody wave to Ronnie! Mad that we stole your shitty little pride? Get the fuck over it, cause you'll never have respect. Suckas.